package cn.joeg.app.web.core.interceptor;

import cn.joeg.app.GCore;
import cn.joeg.app.GCoreContext;
import cn.joeg.app.css.util.CSS;
import cn.joeg.app.css.util.dto.CallSession;
import cn.joeg.app.dto.OptInfo;
import cn.joeg.app.web.core.vo.WidgetDataReq;
import com.ecfront.dew.common.JsonHelper;
import com.ecfront.dew.common.Resp;
import com.ecfront.dew.common.interceptor.DewInterceptRespBody;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.node.ObjectNode;
import org.apache.commons.lang3.StringUtils;
import org.springframework.stereotype.Component;

import java.util.Map;

@Component
public class WidgetAuthInterceptor extends WidgetDataFetchInterceptor {

    @Override
    public Resp<DewInterceptRespBody<WidgetDataReq>> before(WidgetDataReq obj, Map<String, Object> context) {
        GCoreContext requestContext = GCore.context();
        String token = requestContext.getToken();
        String optstr = GCore.cluster.cache.get(GCore.Constant.TOKEN_INFO_FLAG + token);
        if (StringUtils.isBlank(optstr)) {
            //没有登录
            return Resp.unAuthorized("未授权");
        }
        OptInfo optInfo = JsonHelper.toObject(optstr, OptInfo.class);

        String cacheToken = GCore.cluster.cache.get(GCore.Constant.TOKEN_ID_REL_FLAG + optInfo.getAccountCode());

        return Resp.success(DewInterceptRespBody.build(obj, context));
    }

    @Override
    public Resp<DewInterceptRespBody<WidgetDataReq>> after(WidgetDataReq obj, Map<String, Object> context) {
        if (obj.getWidgetDataResp().ok()) {
            CallSession callSession = CSS.Call.getCallSession();
            if (callSession.getCurrBusinessCodeSession().isAuthedCustomerName()
                    && callSession.getCurrBusinessCodeSession().isAuthedCustomerCredentials()
                    && callSession.getCurrBusinessCodeSession().isAuthedCustomerCredentials()
                    && !callSession.getCurrBusinessCodeSession().getAuthedOthers().values().contains(false)) {
                // 都已经认证了
                return Resp.success(DewInterceptRespBody.build(obj, context));
            }
            // 脱敏
            JsonNode data = obj.getWidgetDataResp().getBody().getData();
            if (data.isArray()) {
                // 列表数据
                for (JsonNode node : data) {
                    dataMasking(node, callSession);
                }
            } else if (data.has("recordTotal") && data.has("objects")) {
                // 分页数据
                for (JsonNode node : data.get("objects")) {
                    dataMasking(node, callSession);
                }
            } else {
                // 单条数据
                dataMasking(data, callSession);
            }
        }
        return Resp.success(DewInterceptRespBody.build(obj, context));
    }

    private void dataMasking(JsonNode jsonNode, CallSession callSession) {
        for (JsonNode node : jsonNode) {
            if (!callSession.getCurrBusinessCodeSession().isAuthedCustomerName() && node.has(CSS.CommonKeyData.CUSTOMER_BASIC_NAME) && !node.get(CSS.CommonKeyData.CUSTOMER_BASIC_NAME).asText().isEmpty()) {
                ((ObjectNode) jsonNode).put(CSS.CommonKeyData.CUSTOMER_BASIC_NAME, jsonNode.get(CSS.CommonKeyData.CUSTOMER_BASIC_NAME).asText().substring(0, 1) + "**");
            }
            if (!callSession.getCurrBusinessCodeSession().isAuthedCustomerCredentials() && node.has(CSS.CommonKeyData.CUSTOMER_BASIC_CREDENTIALS) && !node.get(CSS.CommonKeyData.CUSTOMER_BASIC_CREDENTIALS).asText().isEmpty()) {
                ((ObjectNode) jsonNode).put(CSS.CommonKeyData.CUSTOMER_BASIC_CREDENTIALS, "*************" + jsonNode.get(CSS.CommonKeyData.CUSTOMER_BASIC_CREDENTIALS).asText().substring(jsonNode.get(CSS.CommonKeyData.CUSTOMER_BASIC_CREDENTIALS).asText().length() - 4));
            }
            if (!callSession.getCurrBusinessCodeSession().isAuthedCustomerAddress() && node.has(CSS.CommonKeyData.CUSTOMER_BASIC_ADDRESS)) {
                ((ObjectNode) jsonNode).put(CSS.CommonKeyData.CUSTOMER_BASIC_ADDRESS, "");
            }
            callSession.getCurrBusinessCodeSession().getAuthedOthers().entrySet().stream().filter(i -> !i.getValue() && node.has(i.getKey())).forEach(item -> {
                ((ObjectNode) jsonNode).put(item.getKey(), "");
            });
        }
    }
}
